CVE-2010-3077

{"id": "CVE-2010-3077", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-11-09T21:00:04.117", "references": [{"url": "http://git.horde.org/diff.php/horde/util/icon_browser.php?rt=horde-git&r1=a978a35c3e95e784253508fd4333d2fbb64830b6&r2=9342addbd2b95f184f230773daa4faf5ef6d65e9", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050408.html", "source": "secalert@redhat.com"}, {"url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050423.html", "source": "secalert@redhat.com"}, {"url": "http://lists.horde.org/archives/announce/2010/000557.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://seclists.org/fulldisclosure/2010/Sep/82", "tags": ["Exploit", "Patch"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/42140", "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=630687", "source": "secalert@redhat.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en util/icon_browser.php en el Horde Application Framework anterior a v3.3.9 que permite a atacantes remotos inyectar codigo de script web o c\u00f3digo HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"subdir\"."}], "lastModified": "2011-07-12T02:38:39.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:horde:horde_application_framework:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6D53EAD-F1D9-40A9-87BA-DCB0AF5123E2", "versionEndIncluding": "3.3.8"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0895A4FC-4755-4125-822D-6D5A81C8EBC9"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8DA68CF-D7EB-48CF-9D2D-43E26A4F0BCA"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04288C25-9111-44E1-9099-7ED65639A395"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "793768BD-03C9-428A-B8AC-E03FEA65D32A"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B50AD460-4240-4A75-8944-21F0D5BA711C"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5EB2DBC9-0934-4BA2-A6E0-CF1BCB1E0E8E"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "362CDCE7-16DA-4951-81ED-5B858126E37A"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:1.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D622651E-ECBC-4A88-8AD2-8EB9AA27F348"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C64FB724-0978-48E1-94AA-2ED5281C1C2F"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2188602F-74FC-4252-9D0C-4B6D68ECA850"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E8FF53EE-1D8E-450C-92A2-204EA2B7C410"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.0:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13ECD794-7621-413B-AC67-FD0072C3F2EA"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9535A094-9B6F-4E17-8097-D7A6D8936F8F"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F473B48-F48A-4B6B-8D69-1F97BB6AA923"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8E1A7DB-906F-4973-BF1C-EFFA0B595A42"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD67E143-A9C0-458A-87C5-E6B3C9AC628D"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA9E6EB8-B5E5-41DF-B5E2-0A97448D16A0"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36BEAB4E-04DA-4EDD-990C-697EA0984291"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142B9B05-955E-4688-AF6E-ED7B4FE41846"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "295D48BB-F143-4047-B366-74101AB983CC"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.6:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8359595-A986-4B7D-9AD6-0F03C037B9CF"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "58431B48-EA29-4A6F-B9FF-C416924E63B8"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61064C18-0E45-4790-B323-262287D8DE34"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:2.2.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CCFF25C4-03F2-4D65-ABA9-2406957D546E"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1A7CA2D-A52C-4683-ABD3-B63763B2290E"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E72F0C02-DEF7-4617-AD5D-CB808DEE1CC7"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1B318B6-6774-4F9D-8BFC-38B259646922"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48540E28-E523-4556-BB13-3F3B9F76E043"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7761A879-F736-4D45-AA98-6556946A0CD8"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17093F61-EDE4-44C0-9A75-5E2C94B86D49"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA0A882D-9BEB-4A3C-9371-69260374E0B6"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A17E3AFB-849F-463D-96E8-686B049F48DC"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "047563A7-5F6A-4DE2-8518-88E4E6EEB7D1"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.3:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5DAAF73-EC16-4E7E-AAFA-A23F36312884"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78356C5F-A76E-4CB1-894D-0D882A665096"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.4:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2842743-831D-455C-A319-68A7D604834F"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.4:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DF05F67-D172-4569-8839-838B2F84D937"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0405EC4-12DA-4F15-A5B0-799D399C759E"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.5:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4C51DE3-C6D8-4A49-9DD2-E45A734A8C2A"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.5:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79D21AFE-DA3C-43D4-B253-B5F2682C00C2"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1C1DE26-E7B2-4A4E-9F6D-4206F7BC5EBD"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.6:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5ADB7BC-7326-4A66-82FE-5B5AB9BAD344"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6ED629B0-A214-47B5-9767-B47AFB154AFD"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C07F450D-6DF4-48F2-8776-E791BCBD469A"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE5B2E87-5A29-4EF8-8BCC-1E5AE28BE6EC"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C55F4BF3-EFA5-4E58-A32C-7DF7F00B74CD"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7795DE95-4DCE-483D-817A-62250802AEF3"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1076ED89-666B-4E1A-B90C-1E9C23C70E07"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "005FB9D3-71C7-4C4B-8D1A-1046A21ABE64"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C2CD4E9-D06D-44FB-9773-29640E456DC7"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD9A8696-C91C-467B-A43B-5F2AEFB49A9D"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C316222-9E28-4D53-A3FE-A47337782260"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17003C82-B711-496C-A2D4-0CC5FB2DCAC8"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B11F13D-5FEC-4090-804A-28D1B2938112"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6E3FE20-264A-4496-8FB3-E59A3A38BAE4"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F86A1C7-D369-40A7-BFF3-03AC4F3977F2"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.4:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D49B7214-8BC7-4495-A3C1-4702E5F98DD7"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D45517DB-2F8C-41BB-9453-7B50F2227286"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "852EA094-4661-43EA-B715-0524ABA33274"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1885E75E-4A0C-4393-A900-E611EEA461BB"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0202CB6-459E-4867-A220-A248A7D419C6"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "666F75EF-0B30-476B-B4D3-3465AC85C81E"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88BE4BD4-174C-4EC5-BCE7-CA63D1369043"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:alpha:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB00DEDC-BFCE-4238-BD34-594F075DD11C"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F54438D0-C3BB-47BD-BD66-1AEDE08387F3"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB30C91F-B3F8-45B8-9F79-7EB643A1FAB8"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B9EC024-FA54-457A-9CAE-E9C5AB990DCF"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E94D8DDD-CE4B-4F7D-8699-6D8D979BB354"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D32C974-121E-4FAB-8E39-2933C912935F"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60A02DC9-3602-43B2-8574-15A6D4528142"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61F847C8-7775-4FC0-BBE1-C56DFC3D9A63"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1ECC0C8-DE09-4079-8476-B0C82ABE980A"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.2.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0465D03-EE78-4D1D-B6F3-0AB6636D8589"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8ADA6AAC-7511-47F6-B805-A5C48BA4CD11"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBA57981-630B-40A7-A6B3-9443A926BC31"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B3CB720-A1C0-4E49-BA2C-02283499F252"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CE83C51-175E-4FB9-BA2B-505A8B559D44"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "172260F8-D4E5-470D-84EA-00B88B090A8B"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51487521-E1DB-4CD0-9071-C9449EFB681E"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.4:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "880EFFF2-54E1-47B3-A87B-9D7F41505B5C"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA44794C-3D45-4BC8-AEDB-8D98C5BF6214"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C047C7A-2338-49D9-8B25-78A25B45788A"}, {"criteria": "cpe:2.3:a:horde:horde_application_framework:3.3.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "283653B3-00DD-4F9D-AD0E-625564FDE72C"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}